The Transportation Security Administration (TSA) recently announced it is easing some of the pipeline-cybersecurity rules that were issued following the Colonial Pipeline attack in May 2021. Companies will now have more time to report cyberattacks (i.e., 24 hours, which is double the previously mandated timeline) and more control when designing their cyber-defenses. The industry collective was displeased with the guidelines TSA issued in response to the Colonial Pipeline ransomware attack, preferring outcome-oriented guidelines. For example: accomplish this task, or achieve this level of security in a way that you can oversee how you design your security defenses. It’s important to build regulations, but the regulatory process in the US is slow, so there needs to be a balance in setting regulations that aren’t too prescriptive.
Case Western Reserve University and several partners including AMI are launching a new